RSA Security 6.1 manual About the Ldap Configuration Interface, Ldap Utilities

Page 94

About the LDAP Configuration Interface

The LDAP Configuration Interface (LCI) consists of an LDAP interface in the RSA RADIUS Server and an LDAP virtual schema. The LDAP virtual schema enables the LDAP interface to translate LDAP requests into a format that can be understood by the RSA RADIUS Server database.

Figures 25 illustrates the relationship between LDAP components.

LDAP Command

Line Utility

Java

Administration

Program


		Core RADIUS Modules


	LDAP		Virtual
	Interface		Schema		Embedded
					Embedded
					RADIUS
			Proprietary		Database
			Proprietary
			HTTPS

Figure 25 LDAP Components

LDAP Utilities

Freeware LDAP utilities, such as ldapsearch, ldapmodify, and ldapdelete, act as clients of the LDAP interface. LDAP utilities let you read and modify an LDAP database.

Xldapsearch – The ldapsearch utility locates and retrieves LDAP directory entries. The ldapsearch utility opens a connection to an LDAP interface using the specified distinguished name and password, binds, and locates entries based on the specified search filter. A search can return a single entry, an entry's immediate subentries, or an entire tree or subtree. Search results are returned in LDIF format.

Xldapmodify – The ldapmodify utility adds or modifies entries in an existing LDAP directory. ldapmodify opens a connection to an LDAP interface using the distinguished name and password you supply, binds, and adds or modifies the entries based on the LDIF update statements contained

82

Using the LDAP Configuration Interface

September 2005

Image 94

Contents RSA Radius Server 6.1 Administrator’s Guide Contact Information Trademarks Distribution Contents Chapter Installing the RSA Radius Server Chapter Administering Profiles Glossary Index Audience About This GuideWhat’s In This Manual Syntax Conventions Vendor Information Related DocumentationRSA Radius Server Documentation Requests for Comments RFCsThird-Party Products Getting Support and ServiceBefore You Call for Customer Support RSA Radius Server Features About RSA Radius ServerRSA Radius Server Overview About RSA Radius Server SeptemberRSA Radius Authentication Radius Packets Radius Server Configuration Radius ConfigurationRadius Client Configuration Shared Secrets RadiusReplication Secret Radius SecretNode Secret Authentication Radius PortsAccounting Accounting Sequence Comma-Delimited Log FilesTunneled Accounting Vendor-Specific Attributes AttributesDictionaries Make/Model FieldAttribute Lists Checklist AttributesUpdating Attribute Information Return List Attributes Attribute ValuesMulti-Valued Attributes System Assigned Values Default ValuesOrderable Attributes Echo PropertyCentralized Configuration Management Replacing a Replica Radius Server Designating a New Primary Radius ServerRecovering a Replica After a Failed Download Changing the Name or IP Address of a ServerRequired Files Installing the RSA Radius ServerBefore You Begin Data Migration/RegistrationInstalling on Windows System RequirementsInstalling the RSA Radius Server If you are installing a Replica RSA Radius Server, clickUninstalling the RSA Radius Server Software Installing on Solaris Installer SyntaxPath Installing the RSA Radius Server Software ReppkgEnter RSA administration port Stopping and Starting the Radius Daemon Migration Log File Installing on Linux Linux Server System RequirementsShould be overwritten Installing the RSA Radius Server Software Enter RSA administration port Etc/init.d/sbrd stop # ./uninstallrsa.sh Using RSA Radius Administrator Running RSA Radius AdministratorRSA Radius Administrator Menus Navigating in RSA Radius AdministratorFile Menu See , Administering Radius Clients on Panel MenuWeb Menu RSA Radius Administrator ToolbarHelp Menu RSA Radius Administrator Windows Adding an EntryEditing an Entry Sample Add WindowCutting/Copying/Pasting Records Sample Edit WindowChanging Column Sequence Using Context MenusResizing Columns Sorting InformationDisplaying Version Information Accessing Online HelpAdding a License Key Exiting the RSA Radius Administrator Add a License for Server WindowAdministering Radius Clients Radius Clients PanelAdding a Radius Client Add Radius Client WindowSecret to display the characters in the shared secret Verifying a Shared Secret Deleting a Radius ClientPage Administering Radius Clients September Adding a Checklist or Return List Attribute for a Profile Administering ProfilesAbout Profiles Default Profile Resolving Profile and User AttributesSetting Up Profiles Adding a ProfileClick Add to add this attribute/value pair to the list Removing a Profile Administering Profiles September Displaying Server Authentication Statistics Displaying StatisticsStatistics Panel System Authentication Statistics Radius client is sending incorrectly formed packets to Displaying Server Accounting Statistics Statistics Panel System Accounting StatisticsAccounting Statistic Meaning Resetting Server Statistics Displaying Radius Client StatisticsOptionally, sort the messages by clicking a column header Displaying Statistics September Administering Radius Servers Replication Panel Adding a Radius Server ManuallyAdd Server Window Enabling a Radius Server Deleting a Radius ServerPublishing Server Configuration Information Notifying Replica Radius ServersRecovering a Replica After a Failed Download Designating a New Primary Radius ServerChanging the Name or IP Address of a Server Regenerating a Node Secret Resetting the Radius Database Administering Radius Servers September Logging Using the Radius System LogLogging Files Level of Logging Detail Controlling Log File SizeUsing the Accounting Log Accounting Log File FormatFirst Line Headings Comma PlaceholdersStandard Radius Accounting Attributes Acct-Status-TypeAcct-Input-Packets Ldap Configuration Interface File P e n d i x aAbout the Ldap Configuration Interface Ldap UtilitiesLdap Requests Downloading the Ldap UtilitiesConfiguring the Ldap TCP Port Ldap Version ComplianceLdap Virtual Schema Available AttributesLdap Schema Slide 2 Ldap Schema Slide 3 Cn=username,o=radius -w passcode cachedPW Unspecified or 0.0.0.0 RAS IP address When you display Ldap Command Examples Searching for RecordsModifying Records Ldapmodify Option MeaningWhere Adding Records Deleting Records Counter Statistics Statistics VariablesStattype server Stattype authentication Stattype accountingRate Statistics Using the Ldap Configuration Interface September Glossary AAADNS Tokencode Radius Servers TLS 104 Glossary September Index Tokencode